Off-the-Record Messaging, commonly referred to as OTR, is a cryptographic protocol that provides strong encryption for instant messaging conversations. OTR uses a combination of the AES symmetric-key algorithm, the Diffie–Hellman key exchange, and the SHA-1 hash function. In addition to authentication and encryption, OTR provides perfect forward secrecy and malleable encryption.
OTR allows you to have private conversations over instant messaging by providing:
- No one else can read your instant messages.
- You are assured the correspondent is who you think it is.
- The messages you send do not have digital signatures that are checkable by a third party. Anyone can forge messages after a conversation to make them look like they came from you. However, during a conversation, your correspondent is assured the messages he sees are authentic and unmodified.
- Perfect forward secrecy
- If you lose control of your private keys, no previous conversation is compromised.
- Adium (Mac OS X)
- BitlBee (Cross-platform)
- Blink Cocoa(Cross-platform)
- CenterIM (Unix-like)
- climm (Unix-like)
- ChatSecure (formerly Gibberbot) (Android, iPhone, Mac, Linux or PC)
- Jitsi (formerly SIP Communicator) (Cross-platform)
- MCabber (Unix-like)
- Phoenix Viewer, a Second Life client (Cross-platform)
- Profanity: OTR page
- Psi+ (Cross-platform)
- Vacuum IM (Cross-platform)
- Xabber (Android)
- yaxim (Android)
- Gajim (Cross-platform) with Off-The-Record Encryption for Gajim
- irssi (Cross-platform) with irssi-otr
- Kopete (Unix-like) with Kopete Off-the-Record plugin
- Miranda IM (Microsoft Windows) with MirOTR - OTR for Miranda IM
- Miranda NG (Microsoft Windows) with MirOTR - OTR for Miranda NG
- Pidgin (formely Gaim) (Cross-platform) with OTR plugin for Pidgin
- Poezio with pure-python-otr
- Salut à Toi with pure-python-otr and otr.js (for the web frontend)
- Trillian (Microsoft Windows) with Trillian OTR
- WeeChat (Cross-platform) with weechat-otr
- XChat (Cross-platform) with xchat-otr